Aggregator

Let's be honest. The world of cybersecurity feels like a constant war zone. You're bombarded by threats, scrambling to keep up with patches, and drowning in an endless flood of alerts. It's exhausting, isn’t it? But what if there was a better way? Imagine having every essential cybersecurity tool at your fingertips, all within a single, intuitive platform, backed by expert support 24/7. This is

Как потерять средства, доверившись собеседнику.

Linux-сообщество в ярости, пока компания пытается найти компромисс.

Browser credential harvesting is an unusual activity for a ransomware group

Read the full article for key points from Intruder’s VP of Product, Andy Hornegold’s recent talk on exposure management. If you’d like to hear Andy’s insights first-hand, watch Intruder’s on-demand webinar. To learn more about reducing your attack surface, reach out to their team today.  Attack surface management vs exposure management Attack surface management (ASM) is the ongoing

Технология поможет военным выбирать боеприпасы и мишени на поле боя.

Зарубежное программное обеспечение станет дороже.

КНДР ищет новый источники заработка в IT-секторе.

Члену международной кибергруппировки выдвинули официальные обвинения.

咨询公司 Gartner 警告，AGI 至少需要 10 年才可能实现，可能永远无法实现，甚至不值得去追求。AGI 是过去几年的热门主题，OpenAI 等大模型构建者大胆宣称已经建立了一条通往类人智能的道路。但认知科学领域的专家对此不以为然，认为大模型所采用的方法是不充分的。Gartner 认为 GenAI 即将迎来幻灭期，人们对它的期望过高，但现实远远达不到这一期望，至少短期内不可能实现。道路将会是曲折的。生成式 AI 不会消失，但投资的热情将会削弱，AI 专家认为一个重大挑战是生成式 AI 的“幻觉”问题缺乏强有力的解决方案。

A week after SolarWinds released a fix for a critical code-injection-to-RCE vulnerability (CVE-2024-28986) in Web Help Desk (WHD), another patch for another critical flaw (CVE-2024-28987) in the company’s IT help desk solution has been pushed out. CVE-2024-28987 CVE-2024-28987 stems from Web Help Desk having hardcoded credentials that can be misused by remote unauthenticated users to access internal functionality and modify data. The vulnerability was reported by Horizon3.ai vulnerability researcher Zach Hanley, after after digging into … More →

The post Another critical SolarWinds Web Help Desk bug fixed (CVE-2024-28987) appeared first on Help Net Security.

拿到数据，是人形机器人的竞争关键。

The threat actors behind a recently observed Qilin ransomware attack have stolen credentials stored in Google Chrome browsers on a small set of compromised endpoints. The use of credential harvesting in connection with a ransomware infection marks an unusual twist, and one that could have cascading consequences, cybersecurity firm Sophos said in a Thursday report. The attack, detected in July

每日更新当天鲜活情报和热点漏洞

活动不停，奖励不停！抓住夏日的尾巴，一波初秋福利送上～希望所有师傅都取得满意的成绩！

Учёные оказались отрезаны от ключевого инструмента финансирования проектов.

A vulnerability classified as problematic has been found in Vmware Spring Boot up to 2.7.21/3.0.16/3.1.12/3.2.8/3.3.2. Affected is an unknown function of the component Nested JAR File Handler. The manipulation leads to improper verification of cryptographic signature. This vulnerability is traded as CVE-2024-38807. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

近年来，随着网络技术的发展和对外交往的增加，跨境赌博犯罪呈现迅速蔓延的态势。为充分发挥警示、教育、指引作用，最高人民法院近期发布了6件跨境赌博及其关联犯罪典型案例。